For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

meena_60183's avatar
meena_60183
Icon for Nimbostratus rankNimbostratus
Nov 05, 2009

deleting current active connections on a BigIP

Hi All,     I am trying to find a way to kill (terminate) a user's connection based on an IP address. I used the following command     config b conn client 10.27.9.113 show ...
config
design
Anthony_7417's avatar
Anthony_7417
Historic F5 Account
Nov 06, 2009

 

On v10.0.1, I set up an SSH vip, opened an SSH connection and then deleted it:

 

 

b conn client 10.254.1.66 delete

 

 

A tcpdump on the client showed that it received a RST from the LTM, and my SSH session was closed with:

 

 

[root@webs ~] Read from remote host 10.254.1.22: Connection reset by peer

 

Connection to 10.254.1.22 closed.

 

 

So it seems to work for me.Though, I did notice that the LTM will not send a RST if "Reset on timeout" is disabled in the TCP profile for the vip. But, it is enabled by default.

 

 

Another way is to use the "b conn" command to specify an idle timeout of 1. This should cause a RST to be sent because of an idle timeout:

 

 

b conn client 10.254.1.66 idle timeout 1

 

 

 

 

Hope this helps